libaacs | branch: master | npzacs <npz...@gmail.com> | Tue Oct 15 09:34:22 2013 +0300| [8564b415e77091120f80cf268942196b335710d9] | committer: npzacs
mmc_read_drive_cert(): verify and cache certificate > http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=8564b415e77091120f80cf268942196b335710d9 --- src/libaacs/mmc.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/src/libaacs/mmc.c b/src/libaacs/mmc.c index 4f37a0c..c091d42 100644 --- a/src/libaacs/mmc.c +++ b/src/libaacs/mmc.c @@ -1262,11 +1262,22 @@ int mmc_read_drive_cert(MMC *mmc, uint8_t *drive_cert) DEBUG(DBG_MMC | DBG_CRIT, "Drive does not support reading drive certificate\n"); } - if (_mmc_report_key(mmc, 0, 0, 0, 0x38, buf, 116)) { - memcpy(drive_cert, buf + 4, 92); - return MMC_SUCCESS; + if (!_mmc_report_key(mmc, 0, 0, 0, 0x38, buf, 116)) { + if (mmc->read_drive_cert) { + DEBUG(DBG_MMC | DBG_CRIT, "Failed reading drive certificate\n"); + } + return MMC_ERROR; } - return MMC_ERROR; + + if (!crypto_aacs_verify_drive_cert(buf + 4)) { + DEBUG(DBG_MMC | DBG_CRIT, "Drive certificate is invalid\n"); + return MMC_ERROR; + } + + memcpy(mmc->drive_cert, buf + 4, 92); + memcpy(drive_cert, buf + 4, 92); + + return MMC_SUCCESS; } uint8_t *mmc_read_mkb(MMC *mmc, int address, int *size) _______________________________________________ libaacs-devel mailing list libaacs-devel@videolan.org https://mailman.videolan.org/listinfo/libaacs-devel
